you can TEST for Get ( ApplicationVersion )
I use it this way:
If ( PatternCount ( Get ( ApplicationVersion ) ; "Web" ) // do this )
.... (you might put a halt here, if you don't want any script that might be called)
but it would have to be on every script that might be called.
Otherwise look to your privilege sets to limit somethings.
Thanks Beverly! Is there a way to tell if the Script is being called via the URL?
I need my WebDirect users to be able to trigger scripts when clicking buttons, etc. But I don't want them having the ability to trigger Scripts by modifying the URL.
not that I can think of currently. the test for ApplicationVersion wouldn't help if you sometimes need to call scripts within Web Direct. Web Direct buttons can pass the parameter, but it may be in URL, so they would have it.
Thank you, Beverly! You helped me think it through!
It looks like the buttons can all pass a parameter that the scripts check for.
The parameter will be unpublished - that will make it unlikely that anyone can call a script via the URL - since all scripts will look for the presence of the parameter. If the parameter is missing - Exit Script.
Seems like a lot of work!
OR maybe I should rename all the Scripts with a string that would be very difficult to guess?
Something like - "Insert Picture - j27f6n9ViU&^yjnliT" and "Edit Record - j27f6n9ViU&^yjnliT"
That would make it very unlikely any user could mess with the database by passing Scripts via the URL. That might be the solution. It's not really secure - but it's better than nothing!
oh the work-arounds we do...